US firm pushed to brink by China hack attack

A family-owned firm came under relentless assault after accusing China of pirating its software to build the Green Dam cybercensor

By Michael Riley / Bloomberg

Illustration: Yusha

During his civil lawsuit against the People’s Republic of China, Brian Milburn says he never once saw one of the country’s lawyers. He read no court documents from China’s attorneys because they filed none. The voluminous case record at the US District courthouse in Santa Ana, California, contains a single communication from China: a curt letter to the US Department of State, urging that the suit be dismissed.

That does not mean Milburn’s adversary had no contact with him.

For three years, a group of hackers from China waged a relentless campaign of cyberharassment against Solid Oak Software, Milburn’s family-owned, eight-person firm in Santa Barbara, California.

The attack began less than two weeks after Milburn publicly accused China of appropriating his company’s parental filtering software, CYBERsitter, for a national Internet censoring project. And it ended shortly after he settled a US$2.2 billion lawsuit against the Chinese government and a string of computer companies in April.

In between, the hackers assailed Solid Oak’s computer systems, shutting down Web and e-mail servers, spying on an employee with her webcam, and gaining access to sensitive files in a battle that caused company revenues to tumble and brought it within a hair’s breadth of collapse.

As the public dispute unfolded in decorous courtrooms, Milburn’s computer prowess was tested to its limits in what amounted to a digital home invasion by what he later learned was one of the most prolific hacking teams in China. He waged his own desperate one-man fight without weapons or help from authorities, swapping out servers, puzzling over middle-of-the-night malfunctions, and watching his sales all but evaporate — his every keystroke monitored by spies who had turned his technology against him.

Milburn, 61, rarely took a day off during that time as he struggled around the clock to keep his computer network running and his firm afloat. He doubts he will ever know exactly what was going on, but he has theories.

“It felt like they had a plan,” says Milburn, sitting in his office two blocks from Santa Barbara’s main drag, where he is now focused on rebuilding his business. “If they could just put the company out of business, the lawsuit goes away. They didn’t need guys with guns or someone to break my kneecaps.”

The cyberattack against Solid Oak provides a rare look at the clandestine methods in play as high-tech spies and digital combatants seek to gain a brass-knuckle advantage in the global economy, from trade disputes to big-dollar deals to lawsuits.

US officials say that China in particular uses its national security apparatus for such intrusions, targeting thousands of US and European corporations and blurring the traditional lines of espionage.

While his civil case was pending, Milburn did not discuss the cyberintrusion publicly, saying only that the company and its Los Angeles-based law firm had received e-mails containing spyware. He had no idea who was behind it until last August, when he provided malware samples to a security firm at the request of a reporter.

A forensic analysis of the malware by Joe Stewart, a threat expert at Atlanta-based Dell SecureWorks, identified the intruders who rifled Solid Oak’s networks as a team of Shanghai-based hackers involved in a string of sensitive national security-related breaches going back years.